Created
February 6, 2017 04:16
-
-
Save im-kashi/61e366d2d0e8ae784b8e60016d31bf9d to your computer and use it in GitHub Desktop.
Web.config 差分テンプレ
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<configuration> | |
<system.web> | |
<httpRuntime enableVersionHeader="false" /> | |
<httpCookies httpOnlyCookies="true" /> | |
</system.web> | |
<system.webServer> | |
<httpProtocol> | |
<customHeaders> | |
<remove name="X-Powered-By" /> | |
<!-- | |
セキュリティ対策用カスタム HTTP ヘッダ | |
https://www.ipa.go.jp/security/awareness/vendor/programmingv2/contents/705.html | |
http://d.hatena.ne.jp/hasegawayosuke/20110107/p1 | |
--> | |
<add name="X-Content-Type-Options" value="nosniff" /> | |
<add name="X-XSS-Protection" value="1; mode=block" /> | |
<add name="X-Frame-Options" value="DENY" /> | |
</customHeaders> | |
</httpProtocol> | |
</system.webServer> | |
</configuration> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<configuration> | |
<system.web> | |
<compilation xdt:Transform="RemoveAttributes(debug)" /> | |
<httpCookies httpOnlyCookies="true" requireSSL="true" lockItem="true" xdt:Transform="Replace" /> | |
</system.web> | |
<system.webServer> | |
<httpProtocol> | |
<customHeaders> | |
<add name="Strict-Transport-Security" value="max-age=31536000" xdt:Transform="Insert" /> | |
</customHeaders> | |
</httpProtocol> | |
</system.webServer> | |
</configuration> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment